services / Google Cloud / Entities
Data objects in Firestore in Datastore mode are known as entities. An entity has one or more named properties, each of which can have one or more values. Properties can store data of various types, including strings, numbers, dates, and binary data. An entity is limited to 1 megabyte when stored. Entities operations are billed per operation and per gigabyte per month.
Permissions to create, edit and delete entities can result in spend towards write, read and storage quotas. Access to Entities storing sensitive information can result in data exfiltration.
datastore.entities.update
Entity fields can be deleted by updating the document without fields. this will delete all fields in the entity.
Risks
Scope: HIGH
This privilege may grant access to sensitive data from a single organizational function, or allow interruption of a service supporting a single organizational function.
Links
Contributed by P0 Security